Authentication technologies are not taken on due to being too complex, expensive and difficult.
A survey by GrIDsure of 100 senior IT decision makers within large commercial companies with more than 1,000 employees, found that secure authentication is key to adequate data protection. Sixty per cent of the people surveyed said that secure access control solutions, such as two-factor authentication, are too complex and difficult to use.
Also, more than half said that they are too expensive, while almost 20 per cent believed that there are no appropriate technologies on the market. More than half of those surveyed had doubts about whether their current policies, security solutions and systems adequately protected company data, saying that they believed their data was protected only ‘to a degree'.
Stephen Howes, founder and CTO of GrIDsure, said: “Since the beginning of the year, there has been news of severe data breaches on an almost weekly basis. Everyone agrees that passwords are no longer enough to protect sensitive data in a digital age.
“But most of the strong authentication solutions out there are too complicated and costly to implement and manage. You really need something that's as cheap and simple to use as the traditional password, but at the same time much more secure.”
Dave Abraham, CEO of Signify, said that he felt that the survey results were probably correct but he suspected that those typical responses would be given to technology that they had not already tested or deployed.
He said: “Often you need to look at it from the user's perspective, to understand the easiest solution and to remove the complexity.
"In the case of two-factor authentication (2FA), the complexity and user resistance usually comes because of the impact of change on the end-user. In reality most 2FA products are pretty simple and easy to use for the end-user; whether the technology is tokens, SMS or the likes of GrIDsure, it is just the thought of change that users worry about.
“So it's easier for IT departments to avoid change. If I were to get philosophical, for most people any change in their working environment adds complexity and difficulty, because it's different from what the user is used to doing, rather than because the technology is actually difficult itself. It is one of the jobs of the IT team to make it easy for the end-users.
“So IT teams should not worry about the technology, they should focus upon the processes of how to make the roll-out as easy for the end-user as possible; how to make sure that it works flawlessly for the user; and how to make it as easy as possible for the user to cope if they lose their device or forget their PIN. Getting those things right make the user's experience as good as possible, then they find the technology easy.”